We performed a comparison between IBM Security QRadar and Secureworks Taegis XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The most valuable features are log monitoring, easy-to-fix issues, and problem-solving."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"It showed us where weaknesses were in our environment, so we could actively target those patches first."
"The best part of this solution is having a third-party SOC."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"It's built around Red Hat Linux, which is highly robust."
"The visibility it gives you into your infrastructure has been great."
"It's a complete solution package."
"The initial setup was straightforward."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The licensing is a nightmare and has room for improvement."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"The solution does not offer a unified response and standard data."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"It is not app based."
"IBM is going through some problems with its resources currently making its support response time slow."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"While the interface is easy to use, it could be a little more responsive."
"The price of IBM Security QRadar is an area of concern where improvements are required."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"Whenever we are upgrading or installing any type of patch, at that time we have some delays."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"The pricing could be improved."
"We found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules."
IBM Security QRadar is ranked 11th in Extended Detection and Response (XDR) with 198 reviews while Secureworks Taegis XDR is ranked 28th in Extended Detection and Response (XDR) with 2 reviews. IBM Security QRadar is rated 8.0, while Secureworks Taegis XDR is rated 6.0. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Secureworks Taegis XDR writes "It's a complete solution package". IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security, whereas Secureworks Taegis XDR is most compared with Cortex XDR by Palo Alto Networks, Wazuh, CrowdStrike Falcon, Microsoft Defender for Cloud and LogRhythm UEBA. See our IBM Security QRadar vs. Secureworks Taegis XDR report.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.